1 of 1 SIEM Jobs in Southampton

optimisation of advanced threat detection systems within a highly secure environment. You will work within a Security Operations Centre (SOC), designing and maintaining detection logic across SIEM (Security Information and Event Management) and EDR (Endpoint Detection and Response) platforms. Your work will help identify and contain malicious activity, reduce false positives, and improve overall detection coverage across networks, endpoints, cloud … to the development of detection rules, threat hunting activities, and automation workflows to support incident response and continuous improvement. Key responsibilities include: Designing and tuning detection rules and use cases in SIEM and EDR platforms Monitoring and investigating security alerts to identify potential threats Conducting proactive threat hunting using MITRE ATT&CK and threat intelligence sources Collaborating with incident response … i.e. Level 4 or higher) qualification in Cyber Security Or Computer Science, or Networks OR certifications such as CompTIA Security+, ISACA OR equivalent experience Strong hands-on experience with SIEM platforms (Elastic Security mandatory; Sentinel or Splunk desirable) and EDR tools (e.g. Elastic XDR, Microsoft Defender, CrowdStrike, SentinelOne) Proficiency in detection rule development using query languages (e.g. ESQL, KQL, Lucene More ❯